快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 353043
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-13006 |
SurveyFunnel – Survey Plugin for WordPress <= 1.1.5 - Unauthenticated Information Exposure
|
MEDIUM | 5.3 | 2025-12-05 |
wpeka-club SurveyFunnel – Survey Plugin for WordPress
|
CVE NVD | |
| CVE-2025-13313 |
CRM Memberships <= 2.5 - Missing Authorization to Privilege Escalation via Unauthenticated Password Reset in 'ntzcrm_changepassword' AJAX Endpoint
|
CRITICAL | 9.8 | 2025-12-05 |
dripadmin CRM Memberships
|
CVE NVD | |
| CVE-2025-13362 |
Norby AI <= 1.0.3 - Cross-Site Request Forgery to Settings Update
|
MEDIUM | 4.3 | 2025-12-05 |
jevgenisultanov Norby AI
|
CVE NVD | |
| CVE-2025-13494 |
SSP Debug <= 1.0.0 - Unauthenticated Sensitive Information Exposure
|
MEDIUM | 5.3 | 2025-12-05 |
jimmyredline80 SSP Debug
|
CVE NVD | |
| CVE-2025-12417 |
SurveyFunnel – Survey Plugin for WordPress <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
|
MEDIUM | 6.4 | 2025-12-05 |
wpeka-club SurveyFunnel – Survey Plugin for WordPress
|
CVE NVD | |
| CVE-2025-13066 |
Demo Importer Plus <= 2.0.6 - Authenticated (Author+) Arbitrary File Upload via WXR Upload Bypass
|
HIGH | 8.8 | 2025-12-05 |
kraftplugins Demo Importer Plus
|
CVE NVD | |
| CVE-2025-27389 |
OPPO ColorOS 安全漏洞
|
MEDIUM | 5.1 | 2025-12-05 |
ColorOS ColorOS
|
CVE NVD +1 | |
| CVE-2025-12804 |
Booking Calendar <= 10.14.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via bookingcalendar Shortcode
|
MEDIUM | 6.4 | 2025-12-05 |
wpdevelop Booking Calendar
|
CVE NVD | |
| CVE-2025-11759 |
Backup, Restore and Migrate your sites with XCloner <= 4.8.2 - Cross-Site Request Forgery in Xcloner_Remote_Storage:save()
|
MEDIUM | 4.3 | 2025-12-05 |
watchful Backup, Restore and Migrate your sites with XCloner
|
CVE NVD | |
| CVE-2025-62223 |
Microsoft Edge (Chromium-based) for Mac Spoofing Vulnerability
|
MEDIUM | 4.3 | 2025-12-05 |
Microsoft Microsoft Edge (Chromium-based)
microsoft edge_chromium
|
CVE NVD | |
| CVE-2025-14052 |
youlaitech youlai-mall members getMemberById access control
|
MEDIUM | 5.3 | 2025-12-05 |
youlaitech youlai-mall
youlaitech youlai-mall
+2个
|
CVE NVD | |
| CVE-2016-20023 |
In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from th...
|
MEDIUM | 5.0 | 2025-12-05 |
CKSource CKFinder
cksource ckfinder
|
CVE NVD | |
| CVE-2025-32898 |
The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore al...
|
MEDIUM | 4.7 | 2025-12-05 |
KDE KDE Connect verification-code protocol
|
CVE NVD | |
| CVE-2025-32899 |
In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to u...
|
MEDIUM | 4.3 | 2025-12-05 |
KDE KDEConnect
|
CVE NVD | |
| CVE-2025-32900 |
In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to tempo...
|
MEDIUM | 4.3 | 2025-12-05 |
KDE KDE Connect information-exchange protocol
|
CVE NVD | |
| CVE-2025-32901 |
In KDE Connect before 1.33.0 on Android, malicious device IDs (sent via broadcast UDP) could cause a...
|
MEDIUM | 4.3 | 2025-12-05 |
KDE KDEConnect
|
CVE NVD | |
| CVE-2025-64052 |
Fanvil x210 安全漏洞
|
MEDIUM | 5.1 | 2025-12-05 |
fanvil x210_firmware
|
CVE NVD +1 | |
| CVE-2025-64053 |
A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of...
|
HIGH | 7.5 | 2025-12-05 |
fanvil x210_firmware
|
CVE NVD | |
| CVE-2025-64054 |
A reflected Cross Site Scripting (XSS) vulnerability on Fanvil x210 2.12.20 devices allows attackers...
|
CRITICAL | 9.6 | 2025-12-05 |
fanvil x210_firmware
|
CVE NVD | |
| CVE-2025-64056 |
File upload vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local ne...
|
MEDIUM | 4.3 | 2025-12-05 |
fanvil x210_firmware
|
CVE NVD |